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Amendments to the Ciaims: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1 . {currently amended) A computer system operating in a network environment 
for preventing security breaches, comprising: 

an interface layer that receives at least one connection request from 
another computer; and 

a security layer that examines the connection request, gathers a list of 
router addresses and compares the router addresses to a set of known firewall router 
address : and 

a socket layer residing above the security layer and coupling connection 
requests to data stored on the computer . 

2. (original) The computer system of claim 1 , wherein the security layer 
generates an alert to a user of the computer if one of the gathered addresses match 
one of the known firewall router addresses. 

3. (original) The computer system of claim 2, wherein the security layer provides 
the user of the computer the option to grant or deny the connection request. 

4. (original) The computer system of claim 1 , wherein the security layer denies 
the connection request if one of the gathered addresses match one of the known 
firewall router addresses. 

5. (original) The computer system of claim 1 , wherein the security layer uses a 
traceroute to gather the list of router addresses. 
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6. (original) The computer system of claim 5, wherein the traceroute gathers 
Internet Protocol (IP) addresses of all routers between the computer system and a 
machine originating the connection request. 

7. (canceled). 

8. (original) The computer system of claim 6, wherein the security layer resides 
between the socket layer and the interface layer. 

9. (original) The computer system of claim 1, wherein the security layer monitors 
Transmission Control Protocol (TCP) data packets for synchronization (SYN) requests. 

10. (currently amended) A computer implemented method operating in a network 
environment for preventing security breaches, comprising: 

receiving at least one connection request from another computer; 
gathering a list of router addresses associated with the connection 

request; an4 

comparing the router addresses to a set of known firewall router address; 

and 

forming a socket layer residing above the security layer and coupling 
connection reguests to data stored on the computer 

1 1 . (original) The method of claim 10, further comprising alerting a user of the 
computer if one of the gathered addresses match one of the known firewall router 
addresses. 

12. (original) The method of claim 10, further comprising providing a user of the 
computer the option to grant or deny the connection request. 



3 



PAGE 5/9 ' RCVD AT 7/26/2005 8:49:38 PM [Eastern Daylight Time] • SVR:USPTO-EFXRF-6/24 * DNIS:2738300 * CSID:818 885 5750 * DURATION (mm-ss):03-54 



07/26/2005 17:49 818-885-5750 



DEFRANK 



PAGE 



Serial No.: 09/996,132 
Attorney Docket No.: AUS9-2001-O435-US! 

13. (original) The method of claim 10, further comprising denying the connection 
request if one of the gathered addresses match one of the known firewall router 
addresses. 

14. (original) The method of claim 10, further comprising using a traceroute to 
gather the list of router addresses. 

15. (original) The method of claim 14, wherein the traceroute gathers Internet 
Protocol (IP) addresses of all routers between the computer system and the machine 
originating the connection request. 

16. (currently amended) A computer-readable medium having computer- 
executable instructions operating on a computer system for validating connection 
requests on a networked computer, comprising: 

an interface module operating on the computer that examines the 
connection request and collects Internet Protocol (IP) addresses of all routers between 
the computer and a machine originating the connection request; 

a security module that compares the collected addresses to a set of 
known firewall router address and prevents the connection request if the any of the 
collected addresses match the set of known firewall addresses , wherein the security 
module monitors Transmission Control Protocol (TCP) data packets for synchronization 
(SYN) requests . 

17. (original) The computer-readable medium of claim 16, wherein an alert is 
provided to a user of the computer if one of the gathered addresses match one of the 
known firewall router addresses. 

18. (original) The computer-readable medium of claim 16, wherein the security 
module provides a user of the computer the option to grant or deny the connection 
request. 
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19. (original) The computer-readable medium of claim 16, wherein the interface 
module uses a traceroute to collect the router addresses. 

20. (canceled). 
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